Perm Spoofer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Perm Spoofer.exe
Size

663KB
MD5

5827fbc82afa818e91dc4912a0d4c776
SHA1

588b346e8fbb40f02231bc639e60ae9b5a02360d
SHA256

04995cab613e519fd9748a8d6e116184e5bda94bbd2fa11109ae3cec74505152
SHA512

af34b31cdb49a169fe24d9f63ee64e633bdf13c9b6f5117b7d5752c022ae0867181148425765a9bb512ff604ec867285d92c746e38a912f95f676451c3f5cd3f
SSDEEP

12288:IixAYbUozJs7N08V3431FVJf7JjVKDsciuWnX/iwg5ZZ6lXuFOLlZyKXYOxaVfU0:ICAYbUo1sCo43TXtgsciuWnPlgKlXus2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Perm Spoofer.exe

Files

Perm Spoofer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 661KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ